Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/ptIVhUB72Uio90yYC8vACO4zca4.roa
File:                     ptIVhUB72Uio90yYC8vACO4zca4.roa (raw, json)
Hash identifier:          +ZHfcBTPIchDyjukr0/biLFGd5vx2IP/hF44GqQMbQE=
Subject key identifier:   A6:D2:15:85:40:7B:D9:48:A8:F7:4C:98:0B:CB:C0:08:EE:33:71:AE
Certificate issuer:       /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial:       018951390FF32AC0A13725EFE6C0B25DDE2B
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/ptIVhUB72Uio90yYC8vACO4zca4.roa
Signing time:             Thu 13 Jul 2023 21:47:21 +0000
ROA not before:           Thu 13 Jul 2023 21:47:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197795
IP address blocks:        2a03:5840:fa::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:51:39:0f:f3:2a:c0:a1:37:25:ef:e6:c0:b2:5d:de:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
        Validity
            Not Before: Jul 13 21:47:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6d21585407bd948a8f74c980bcbc008ee3371ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:41:12:7f:e5:cc:68:ef:91:a6:42:e2:bd:50:
                    05:cc:af:b1:3d:cf:c8:c3:e4:8b:66:34:8e:f5:f5:
                    20:f9:4e:67:41:e6:83:05:44:59:c2:26:00:17:6d:
                    75:a8:54:ef:08:ab:55:c7:f9:c4:d4:a1:e2:84:2f:
                    62:ac:d3:ef:cd:a4:8a:2d:f3:42:0f:1f:7f:c6:df:
                    76:68:15:15:48:a5:a0:1f:a1:c3:16:10:3a:f3:d5:
                    f0:ee:7e:1b:9c:4f:38:c0:77:bd:f5:63:6e:b7:ed:
                    d7:cb:e1:61:35:81:9e:cf:c5:7f:f2:be:42:a7:d2:
                    3a:a9:76:2f:e9:0d:66:87:58:e7:2f:b8:ee:99:f8:
                    58:80:9c:84:47:7a:83:e8:40:56:45:7a:c6:4b:c1:
                    c5:77:d8:e4:15:7b:8f:b7:47:c6:6c:b2:d3:c5:e0:
                    89:28:33:89:66:3a:f7:3a:0c:4e:4f:4e:c0:d9:76:
                    4c:a2:39:65:ab:da:93:df:57:37:49:4c:5d:3c:db:
                    4b:1b:92:9f:c5:85:39:e7:c8:0c:0e:bc:c1:dc:cf:
                    d4:cc:72:e6:0e:4d:7f:28:24:ae:ff:19:ab:15:5d:
                    35:42:0d:74:14:db:32:cb:ed:ab:40:d8:4c:fc:9c:
                    8d:0a:bb:57:ca:29:39:72:11:4c:bf:39:f7:8e:0c:
                    76:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:D2:15:85:40:7B:D9:48:A8:F7:4C:98:0B:CB:C0:08:EE:33:71:AE
            X509v3 Authority Key Identifier:
                keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/ptIVhUB72Uio90yYC8vACO4zca4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5840:fa::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:68:4a:11:81:2e:fc:63:20:06:58:12:6f:96:59:2a:f8:e7:
         af:19:4c:ca:a1:d6:a6:32:36:bb:d5:22:c4:5d:82:3d:41:1e:
         72:5d:a2:67:a6:c1:16:9a:52:0f:8f:4a:f3:62:a1:14:cf:bf:
         ec:3a:4f:17:8b:d4:04:1d:d0:cc:86:f8:fb:1e:5b:1c:0d:c6:
         70:f8:02:fc:d3:e1:b8:e7:f1:05:88:11:9b:7e:f5:48:c9:10:
         0d:8e:54:34:51:e1:b7:02:39:0c:3a:5e:70:63:3b:c5:4e:94:
         ff:7b:95:3f:d6:fb:64:eb:de:d2:2a:3c:65:cb:fb:9b:42:25:
         48:7f:33:9b:af:41:76:2a:83:25:d2:3b:50:50:ad:6c:b8:a0:
         b5:a3:07:23:68:b1:90:a2:c6:3a:f4:22:e5:87:bd:f5:25:69:
         3f:85:2a:db:59:e9:b4:14:d9:00:99:f6:2d:c7:07:53:34:03:
         ff:ec:91:14:f9:bb:65:b4:f1:b7:f3:6e:19:a3:74:73:85:17:
         21:eb:98:5c:b4:24:28:5a:fb:c0:42:1d:04:d2:44:bc:1e:4c:
         95:99:63:06:67:81:9e:30:9d:cb:5c:5f:b0:11:0a:f5:b3:ff:
         2e:96:fa:e6:22:76:ca:85:35:db:7c:be:3f:17:b3:e9:9c:4e:
         82:51:1e:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYlROQ/zKsChNyXv5sCyXd4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwNzEzMjE0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmQyMTU4NTQwN2JkOTQ4YThmNzRjOTgwYmNiYzAwOGVlMzM3MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkESf+XMaO+RpkLivVAFzK+xPc/I
w+SLZjSO9fUg+U5nQeaDBURZwiYAF211qFTvCKtVx/nE1KHihC9irNPvzaSKLfNC
Dx9/xt92aBUVSKWgH6HDFhA689Xw7n4bnE84wHe99WNut+3Xy+FhNYGez8V/8r5C
p9I6qXYv6Q1mh1jnL7jumfhYgJyER3qD6EBWRXrGS8HFd9jkFXuPt0fGbLLTxeCJ
KDOJZjr3OgxOT07A2XZMojllq9qT31c3SUxdPNtLG5KfxYU558gMDrzB3M/UzHLm
Dk1/KCSu/xmrFV01Qg10FNsyy+2rQNhM/JyNCrtXyik5chFMvzn3jgx27QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKbSFYVAe9lIqPdMmAvLwAjuM3GuMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvcHRJVmhVQjcyVWlvOTB5WUM4dkFDTzR6Y2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAD6
MA0GCSqGSIb3DQEBCwUAA4IBAQAIaEoRgS78YyAGWBJvllkq+OevGUzKodamMja7
1SLEXYI9QR5yXaJnpsEWmlIPj0rzYqEUz7/sOk8Xi9QEHdDMhvj7HlscDcZw+AL8
0+G45/EFiBGbfvVIyRANjlQ0UeG3AjkMOl5wYzvFTpT/e5U/1vtk697SKjxly/ub
QiVIfzObr0F2KoMl0jtQUK1suKC1owcjaLGQosY69CLlh731JWk/hSrbWem0FNkA
mfYtxwdTNAP/7JEU+btltPG3824Zo3RzhRch65hctCQoWvvAQh0E0kS8HkyVmWMG
Z4GeMJ3LXF+wEQr1s/8ulvrmInbKhTXbfL4/F7PpnE6CUR4z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:35 2024 by rpki-client on console-ams.rpki-client.org